Deskripsi Pekerjaan

1. Conduct and provide data privacy risk assessments for new products, features, and operational changes across all Grab departments. These assessments involve preparing the necessary documents and logs. These assessment involve preparing Records of Processing Activities (ROPA), Data Protection Impact Assessment (DPIA), Transfer Impact Assessment (TIA), or Legitimate Interest Assessment (LIA).
2. Advise Product, Engineering, and Departments on privacy, security, and data governance, ensuring a Privacy by Design approach.
3. Collaborate with teams to guide on privacy regulations, anticipate legal risks, and recommend mitigation strategies.
4. Develop practices and controls to grow Grab’s data privacy and compliance programs.
5. Review, draft, and negotiate agreements for international data transfer and processing.
6. Operate and enhance Grab Indonesia’s data privacy program, including compliance monitoring and breach handling.
7. Ensure compliance with data privacy and security laws and regulations in Indonesia.

Kualifikasi

1. 4+ years of experience in a data privacy or legal role, with a focus on data privacy and protection.
2. A degree in law or a Bachelor of Laws (S.H or LL.B.).
3. In-depth knowledge of global data privacy regulations, including Indonesia Persona Data Protection Law, General Data Protection Regulation (GDPR), and others.
4. Experience with data privacy principles, including data minimization, purpose limitation, and transparency.
5. Demonstrated experience providing advices on, rolling out or running a scalable data privacy program in an organization.
6. You have professional proficiency in English (both written and verbal).
7. Can collaborate with diverse, non-legal departments (Tech, Product, Marketing).
8. A Master’s degree focusing on Privacy or Technology laws, or professional privacy certifications (such as CIPP/E, CIPP/A, or CIPM) are preferred.